From 519519233476a6b027208f94f1a248a9abc68dbc Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 16 Jun 2023 06:00:37 +0000 Subject: [PATCH] Auto-Update: 2023-06-16T06:00:34.503353+00:00 --- CVE-2022/CVE-2022-461xx/CVE-2022-46165.json | 12 +++- CVE-2022/CVE-2022-470xx/CVE-2022-47015.json | 6 +- CVE-2023/CVE-2023-06xx/CVE-2023-0666.json | 8 ++- CVE-2023/CVE-2023-06xx/CVE-2023-0668.json | 8 ++- CVE-2023/CVE-2023-11xx/CVE-2023-1161.json | 6 +- CVE-2023/CVE-2023-19xx/CVE-2023-1992.json | 6 +- CVE-2023/CVE-2023-19xx/CVE-2023-1993.json | 6 +- CVE-2023/CVE-2023-19xx/CVE-2023-1994.json | 6 +- CVE-2023/CVE-2023-240xx/CVE-2023-24038.json | 10 +++- CVE-2023/CVE-2023-243xx/CVE-2023-24329.json | 6 +- CVE-2023/CVE-2023-28xx/CVE-2023-2854.json | 8 ++- CVE-2023/CVE-2023-28xx/CVE-2023-2855.json | 8 ++- CVE-2023/CVE-2023-28xx/CVE-2023-2856.json | 6 +- CVE-2023/CVE-2023-28xx/CVE-2023-2857.json | 8 ++- CVE-2023/CVE-2023-28xx/CVE-2023-2858.json | 6 +- CVE-2023/CVE-2023-28xx/CVE-2023-2879.json | 6 +- CVE-2023/CVE-2023-29xx/CVE-2023-2952.json | 8 ++- CVE-2023/CVE-2023-327xx/CVE-2023-32752.json | 55 ++++++++++++++++++ CVE-2023/CVE-2023-327xx/CVE-2023-32753.json | 55 ++++++++++++++++++ CVE-2023/CVE-2023-327xx/CVE-2023-32754.json | 55 ++++++++++++++++++ CVE-2023/CVE-2023-32xx/CVE-2023-3214.json | 6 +- CVE-2023/CVE-2023-32xx/CVE-2023-3215.json | 6 +- CVE-2023/CVE-2023-32xx/CVE-2023-3216.json | 6 +- CVE-2023/CVE-2023-32xx/CVE-2023-3217.json | 6 +- CVE-2023/CVE-2023-334xx/CVE-2023-33461.json | 8 ++- CVE-2023/CVE-2023-348xx/CVE-2023-34845.json | 20 +++++++ CVE-2023/CVE-2023-357xx/CVE-2023-35708.json | 28 +++++++++ README.md | 63 +++++++++++---------- 28 files changed, 371 insertions(+), 61 deletions(-) create mode 100644 CVE-2023/CVE-2023-327xx/CVE-2023-32752.json create mode 100644 CVE-2023/CVE-2023-327xx/CVE-2023-32753.json create mode 100644 CVE-2023/CVE-2023-327xx/CVE-2023-32754.json create mode 100644 CVE-2023/CVE-2023-348xx/CVE-2023-34845.json create mode 100644 CVE-2023/CVE-2023-357xx/CVE-2023-35708.json diff --git a/CVE-2022/CVE-2022-461xx/CVE-2022-46165.json b/CVE-2022/CVE-2022-461xx/CVE-2022-46165.json index 2e621313c8b..5ea6d4a743c 100644 --- a/CVE-2022/CVE-2022-461xx/CVE-2022-46165.json +++ b/CVE-2022/CVE-2022-461xx/CVE-2022-46165.json @@ -2,8 +2,8 @@ "id": "CVE-2022-46165", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-06T18:15:10.100", - "lastModified": "2023-06-13T16:26:07.947", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-16T04:15:11.407", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -99,6 +99,14 @@ "Exploit", "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IRYGBFJPVBW6PPTETNIBWQJE4HJSA5PJ/", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XEBWSQVGHSTR4ZO7LVVEMPEGMV2DS5XR/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47015.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47015.json index e48113b1d6d..e0bd9d660d5 100644 --- a/CVE-2022/CVE-2022-470xx/CVE-2022-47015.json +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47015.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47015", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-20T19:15:17.443", - "lastModified": "2023-06-10T04:15:10.223", + "lastModified": "2023-06-16T04:15:11.550", "vulnStatus": "Modified", "descriptions": [ { @@ -82,6 +82,10 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O22PO3Q6TRSNJI2A2WTJH3VVCHEKBF6C/", "source": "cve@mitre.org" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUQ33SPQCZQD63TWAM3XKFNVNFRGPFYU/", + "source": "cve@mitre.org" + }, { "url": "https://security.netapp.com/advisory/ntap-20230309-0009/", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-06xx/CVE-2023-0666.json b/CVE-2023/CVE-2023-06xx/CVE-2023-0666.json index edeaca52083..f6022601106 100644 --- a/CVE-2023/CVE-2023-06xx/CVE-2023-0666.json +++ b/CVE-2023/CVE-2023-06xx/CVE-2023-0666.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0666", "sourceIdentifier": "cve@takeonme.org", "published": "2023-06-07T03:15:09.000", - "lastModified": "2023-06-14T18:12:46.100", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-16T04:15:11.707", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -95,6 +95,10 @@ "Exploit" ] }, + { + "url": "https://www.debian.org/security/2023/dsa-5429", + "source": "cve@takeonme.org" + }, { "url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html", "source": "cve@takeonme.org", diff --git a/CVE-2023/CVE-2023-06xx/CVE-2023-0668.json b/CVE-2023/CVE-2023-06xx/CVE-2023-0668.json index b9ce3392098..b79c3180394 100644 --- a/CVE-2023/CVE-2023-06xx/CVE-2023-0668.json +++ b/CVE-2023/CVE-2023-06xx/CVE-2023-0668.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0668", "sourceIdentifier": "cve@takeonme.org", "published": "2023-06-07T03:15:09.193", - "lastModified": "2023-06-13T18:51:48.703", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-16T04:15:11.830", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -102,6 +102,10 @@ "Exploit" ] }, + { + "url": "https://www.debian.org/security/2023/dsa-5429", + "source": "cve@takeonme.org" + }, { "url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html", "source": "cve@takeonme.org", diff --git a/CVE-2023/CVE-2023-11xx/CVE-2023-1161.json b/CVE-2023/CVE-2023-11xx/CVE-2023-1161.json index 36a712c6d4b..2705dd9dc39 100644 --- a/CVE-2023/CVE-2023-11xx/CVE-2023-1161.json +++ b/CVE-2023/CVE-2023-11xx/CVE-2023-1161.json @@ -2,7 +2,7 @@ "id": "CVE-2023-1161", "sourceIdentifier": "cve@gitlab.com", "published": "2023-03-06T21:15:10.990", - "lastModified": "2023-04-29T21:15:39.143", + "lastModified": "2023-06-16T04:15:11.953", "vulnStatus": "Modified", "descriptions": [ { @@ -112,6 +112,10 @@ "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00029.html", "source": "cve@gitlab.com" }, + { + "url": "https://www.debian.org/security/2023/dsa-5429", + "source": "cve@gitlab.com" + }, { "url": "https://www.wireshark.org/security/wnpa-sec-2023-08.html", "source": "cve@gitlab.com", diff --git a/CVE-2023/CVE-2023-19xx/CVE-2023-1992.json b/CVE-2023/CVE-2023-19xx/CVE-2023-1992.json index b8bf3516401..fa37f22bf21 100644 --- a/CVE-2023/CVE-2023-19xx/CVE-2023-1992.json +++ b/CVE-2023/CVE-2023-19xx/CVE-2023-1992.json @@ -2,7 +2,7 @@ "id": "CVE-2023-1992", "sourceIdentifier": "cve@gitlab.com", "published": "2023-04-12T21:15:15.147", - "lastModified": "2023-04-29T21:15:39.233", + "lastModified": "2023-06-16T04:15:12.127", "vulnStatus": "Modified", "descriptions": [ { @@ -126,6 +126,10 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFJERBHVWYLYWXO2B3V47QH66IEB6EZ3/", "source": "cve@gitlab.com" }, + { + "url": "https://www.debian.org/security/2023/dsa-5429", + "source": "cve@gitlab.com" + }, { "url": "https://www.wireshark.org/security/wnpa-sec-2023-09.html", "source": "cve@gitlab.com", diff --git a/CVE-2023/CVE-2023-19xx/CVE-2023-1993.json b/CVE-2023/CVE-2023-19xx/CVE-2023-1993.json index ebb390d8799..4adeb1ae3f1 100644 --- a/CVE-2023/CVE-2023-19xx/CVE-2023-1993.json +++ b/CVE-2023/CVE-2023-19xx/CVE-2023-1993.json @@ -2,7 +2,7 @@ "id": "CVE-2023-1993", "sourceIdentifier": "cve@gitlab.com", "published": "2023-04-12T21:15:16.183", - "lastModified": "2023-04-29T21:15:39.303", + "lastModified": "2023-06-16T04:15:12.253", "vulnStatus": "Modified", "descriptions": [ { @@ -126,6 +126,10 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFJERBHVWYLYWXO2B3V47QH66IEB6EZ3/", "source": "cve@gitlab.com" }, + { + "url": "https://www.debian.org/security/2023/dsa-5429", + "source": "cve@gitlab.com" + }, { "url": "https://www.wireshark.org/security/wnpa-sec-2023-10.html", "source": "cve@gitlab.com", diff --git a/CVE-2023/CVE-2023-19xx/CVE-2023-1994.json b/CVE-2023/CVE-2023-19xx/CVE-2023-1994.json index b7ecde83112..fa82158fec9 100644 --- a/CVE-2023/CVE-2023-19xx/CVE-2023-1994.json +++ b/CVE-2023/CVE-2023-19xx/CVE-2023-1994.json @@ -2,7 +2,7 @@ "id": "CVE-2023-1994", "sourceIdentifier": "cve@gitlab.com", "published": "2023-04-12T22:15:13.987", - "lastModified": "2023-04-29T21:15:39.360", + "lastModified": "2023-06-16T04:15:12.347", "vulnStatus": "Modified", "descriptions": [ { @@ -125,6 +125,10 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFJERBHVWYLYWXO2B3V47QH66IEB6EZ3/", "source": "cve@gitlab.com" }, + { + "url": "https://www.debian.org/security/2023/dsa-5429", + "source": "cve@gitlab.com" + }, { "url": "https://www.wireshark.org/security/wnpa-sec-2023-11.html", "source": "cve@gitlab.com", diff --git a/CVE-2023/CVE-2023-240xx/CVE-2023-24038.json b/CVE-2023/CVE-2023-240xx/CVE-2023-24038.json index 3be659c272d..f006cf9ac3e 100644 --- a/CVE-2023/CVE-2023-240xx/CVE-2023-24038.json +++ b/CVE-2023/CVE-2023-240xx/CVE-2023-24038.json @@ -2,7 +2,7 @@ "id": "CVE-2023-24038", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-21T01:15:15.183", - "lastModified": "2023-02-06T00:15:09.127", + "lastModified": "2023-06-16T04:15:12.473", "vulnStatus": "Modified", "descriptions": [ { @@ -97,6 +97,14 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MYD5PFRUUB4VVY52I5KA3RQ7SQOD7YM/", + "source": "cve@mitre.org" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ASDRHN2MLGL2HGBUNDZG4YLUWW6NSUKD/", + "source": "cve@mitre.org" + }, { "url": "https://www.debian.org/security/2023/dsa-5339", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-243xx/CVE-2023-24329.json b/CVE-2023/CVE-2023-243xx/CVE-2023-24329.json index 795f162aaba..883a92e106a 100644 --- a/CVE-2023/CVE-2023-243xx/CVE-2023-24329.json +++ b/CVE-2023/CVE-2023-243xx/CVE-2023-24329.json @@ -2,7 +2,7 @@ "id": "CVE-2023-24329", "sourceIdentifier": "cve@mitre.org", "published": "2023-02-17T15:15:12.243", - "lastModified": "2023-06-14T04:15:18.797", + "lastModified": "2023-06-16T04:15:12.660", "vulnStatus": "Modified", "descriptions": [ { @@ -120,6 +120,10 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/", "source": "cve@mitre.org" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/", + "source": "cve@mitre.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2854.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2854.json index ace48242826..8f335df4848 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2854.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2854.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2854", "sourceIdentifier": "cve@gitlab.com", "published": "2023-05-26T21:15:17.643", - "lastModified": "2023-06-01T13:29:37.067", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-16T04:15:12.840", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -110,6 +110,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.debian.org/security/2023/dsa-5429", + "source": "cve@gitlab.com" + }, { "url": "https://www.wireshark.org/security/wnpa-sec-2023-17.html", "source": "cve@gitlab.com", diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2855.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2855.json index 3f3d8312bd7..e7566b53414 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2855.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2855.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2855", "sourceIdentifier": "cve@gitlab.com", "published": "2023-05-26T21:15:17.757", - "lastModified": "2023-06-01T13:29:47.293", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-16T04:15:12.943", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -110,6 +110,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.debian.org/security/2023/dsa-5429", + "source": "cve@gitlab.com" + }, { "url": "https://www.wireshark.org/security/wnpa-sec-2023-12.html", "source": "cve@gitlab.com", diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2856.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2856.json index a3536c3a895..50a4e4de51a 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2856.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2856.json @@ -2,7 +2,7 @@ "id": "CVE-2023-2856", "sourceIdentifier": "cve@gitlab.com", "published": "2023-05-26T21:15:17.913", - "lastModified": "2023-06-03T19:15:09.063", + "lastModified": "2023-06-16T04:15:13.027", "vulnStatus": "Modified", "descriptions": [ { @@ -114,6 +114,10 @@ "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html", "source": "cve@gitlab.com" }, + { + "url": "https://www.debian.org/security/2023/dsa-5429", + "source": "cve@gitlab.com" + }, { "url": "https://www.wireshark.org/security/wnpa-sec-2023-16.html", "source": "cve@gitlab.com", diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2857.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2857.json index 7919d25655f..bdff486766e 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2857.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2857.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2857", "sourceIdentifier": "cve@gitlab.com", "published": "2023-05-26T21:15:18.273", - "lastModified": "2023-06-01T13:29:58.397", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-16T04:15:13.147", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -110,6 +110,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.debian.org/security/2023/dsa-5429", + "source": "cve@gitlab.com" + }, { "url": "https://www.wireshark.org/security/wnpa-sec-2023-13.html", "source": "cve@gitlab.com", diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2858.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2858.json index be885c39e52..7a4afb2fd48 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2858.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2858.json @@ -2,7 +2,7 @@ "id": "CVE-2023-2858", "sourceIdentifier": "cve@gitlab.com", "published": "2023-05-26T21:15:18.633", - "lastModified": "2023-06-03T19:15:09.160", + "lastModified": "2023-06-16T04:15:13.240", "vulnStatus": "Modified", "descriptions": [ { @@ -114,6 +114,10 @@ "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html", "source": "cve@gitlab.com" }, + { + "url": "https://www.debian.org/security/2023/dsa-5429", + "source": "cve@gitlab.com" + }, { "url": "https://www.wireshark.org/security/wnpa-sec-2023-15.html", "source": "cve@gitlab.com", diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2879.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2879.json index d051f26e0cd..ee85c3086b5 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2879.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2879.json @@ -2,7 +2,7 @@ "id": "CVE-2023-2879", "sourceIdentifier": "cve@gitlab.com", "published": "2023-05-26T21:15:19.000", - "lastModified": "2023-06-03T19:15:09.237", + "lastModified": "2023-06-16T04:15:13.340", "vulnStatus": "Modified", "descriptions": [ { @@ -114,6 +114,10 @@ "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html", "source": "cve@gitlab.com" }, + { + "url": "https://www.debian.org/security/2023/dsa-5429", + "source": "cve@gitlab.com" + }, { "url": "https://www.wireshark.org/security/wnpa-sec-2023-14.html", "source": "cve@gitlab.com", diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2952.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2952.json index 130131d833b..3d345a846ab 100644 --- a/CVE-2023/CVE-2023-29xx/CVE-2023-2952.json +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2952.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2952", "sourceIdentifier": "cve@gitlab.com", "published": "2023-05-30T23:15:09.887", - "lastModified": "2023-06-06T20:18:04.490", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-16T04:15:13.610", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -129,6 +129,10 @@ "Mailing List" ] }, + { + "url": "https://www.debian.org/security/2023/dsa-5429", + "source": "cve@gitlab.com" + }, { "url": "https://www.wireshark.org/security/wnpa-sec-2023-20.html", "source": "cve@gitlab.com", diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32752.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32752.json new file mode 100644 index 00000000000..cee51741b88 --- /dev/null +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32752.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32752", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2023-06-16T04:15:13.717", + "lastModified": "2023-06-16T05:15:50.547", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "L7 Networks InstantScan IS-8000 & InstantQoS IQ-8000\u2019s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/en/cp-139-7189-5995e-2.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32753.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32753.json new file mode 100644 index 00000000000..59a4beef744 --- /dev/null +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32753.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32753", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2023-06-16T04:15:13.863", + "lastModified": "2023-06-16T05:15:50.637", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "OMICARD EDM\u2019s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/en/cp-139-7190-d73c1-2.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32754.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32754.json new file mode 100644 index 00000000000..356666994dd --- /dev/null +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32754.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32754", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2023-06-16T04:15:13.947", + "lastModified": "2023-06-16T04:15:13.947", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Thinking Software Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/tw/cp-132-7161-3e7c9-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3214.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3214.json index 1bfd7e24c9c..b199373edd8 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3214.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3214.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3214", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-06-13T18:15:22.170", - "lastModified": "2023-06-13T18:27:41.330", + "lastModified": "2023-06-16T04:15:14.263", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -19,6 +19,10 @@ { "url": "https://crbug.com/1450568", "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://www.debian.org/security/2023/dsa-5428", + "source": "chrome-cve-admin@google.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3215.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3215.json index ef35a16021d..534143f9b65 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3215.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3215.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3215", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-06-13T18:15:22.223", - "lastModified": "2023-06-13T18:27:41.330", + "lastModified": "2023-06-16T04:15:14.337", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -19,6 +19,10 @@ { "url": "https://crbug.com/1446274", "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://www.debian.org/security/2023/dsa-5428", + "source": "chrome-cve-admin@google.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3216.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3216.json index 994ef171e80..f81bd43093a 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3216.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3216.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3216", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-06-13T18:15:22.273", - "lastModified": "2023-06-13T18:27:41.330", + "lastModified": "2023-06-16T04:15:14.393", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -19,6 +19,10 @@ { "url": "https://crbug.com/1450114", "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://www.debian.org/security/2023/dsa-5428", + "source": "chrome-cve-admin@google.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3217.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3217.json index 7298db8cd64..cbedf756d66 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3217.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3217.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3217", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-06-13T18:15:22.320", - "lastModified": "2023-06-13T18:27:41.330", + "lastModified": "2023-06-16T04:15:14.453", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -19,6 +19,10 @@ { "url": "https://crbug.com/1450601", "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://www.debian.org/security/2023/dsa-5428", + "source": "chrome-cve-admin@google.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-334xx/CVE-2023-33461.json b/CVE-2023/CVE-2023-334xx/CVE-2023-33461.json index af61a286cd3..b8a0046948f 100644 --- a/CVE-2023/CVE-2023-334xx/CVE-2023-33461.json +++ b/CVE-2023/CVE-2023-334xx/CVE-2023-33461.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33461", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-01T03:15:20.547", - "lastModified": "2023-06-08T16:50:51.870", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-16T04:15:14.040", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -76,6 +76,10 @@ "Issue Tracking", "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQAIP5AURSTWIQOOP7G4CXYJ5IIGPY3Q/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-348xx/CVE-2023-34845.json b/CVE-2023/CVE-2023-348xx/CVE-2023-34845.json new file mode 100644 index 00000000000..7910380cae9 --- /dev/null +++ b/CVE-2023/CVE-2023-348xx/CVE-2023-34845.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34845", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-16T04:15:14.143", + "lastModified": "2023-06-16T04:15:14.143", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Bludit v3.14.1 was discovered to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows attackers to execute arbitrary web scripts or HTML via uploading a crafted SVG file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/bludit/bludit/issues/1508", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35708.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35708.json new file mode 100644 index 00000000000..977e8057d74 --- /dev/null +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35708.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-35708", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-16T04:15:14.203", + "lastModified": "2023-06-16T04:15:14.203", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Progress MOVEit Transfer has a privilege escalation vulnerability that can be addressed with DLL drop-in version 2023.0.3 (15.0.3) and other specific fixed versions (stated below). The availability date of fixed versions of the DLL drop-in is earlier than the availability date of fixed versions of the full installer. The specific weakness and impact details will be mentioned in a later update to this CVE Record. These are fixed versions of the DLL drop-in: 2020.1.10 (12.1.10), 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), and 2023.0.3 (15.0.3)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-15June2023", + "source": "cve@mitre.org" + }, + { + "url": "https://www.cisa.gov/news-events/alerts/2023/06/15/progress-software-releases-security-advisory-moveit-transfer-vulnerability", + "source": "cve@mitre.org" + }, + { + "url": "https://www.progress.com/security/moveit-transfer-and-moveit-cloud-vulnerability", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 7034ea3b3c7..97bd01e72ae 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-06-16T04:00:27.602280+00:00 +2023-06-16T06:00:34.503353+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-06-16T03:58:38.280000+00:00 +2023-06-16T05:15:50.637000+00:00 ``` ### Last Data Feed Release @@ -29,45 +29,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -217896 +217901 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `5` -* [CVE-2023-3291](CVE-2023/CVE-2023-32xx/CVE-2023-3291.json) (`2023-06-16T02:15:08.473`) +* [CVE-2023-32754](CVE-2023/CVE-2023-327xx/CVE-2023-32754.json) (`2023-06-16T04:15:13.947`) +* [CVE-2023-34845](CVE-2023/CVE-2023-348xx/CVE-2023-34845.json) (`2023-06-16T04:15:14.143`) +* [CVE-2023-35708](CVE-2023/CVE-2023-357xx/CVE-2023-35708.json) (`2023-06-16T04:15:14.203`) +* [CVE-2023-32752](CVE-2023/CVE-2023-327xx/CVE-2023-32752.json) (`2023-06-16T04:15:13.717`) +* [CVE-2023-32753](CVE-2023/CVE-2023-327xx/CVE-2023-32753.json) (`2023-06-16T04:15:13.863`) ### CVEs modified in the last Commit -Recently modified CVEs: `59` +Recently modified CVEs: `22` -* [CVE-2023-1978](CVE-2023/CVE-2023-19xx/CVE-2023-1978.json) (`2023-06-16T03:42:56.330`) -* [CVE-2023-26465](CVE-2023/CVE-2023-264xx/CVE-2023-26465.json) (`2023-06-16T03:45:07.707`) -* [CVE-2023-3187](CVE-2023/CVE-2023-31xx/CVE-2023-3187.json) (`2023-06-16T03:46:24.830`) -* [CVE-2023-3188](CVE-2023/CVE-2023-31xx/CVE-2023-3188.json) (`2023-06-16T03:47:37.890`) -* [CVE-2023-26132](CVE-2023/CVE-2023-261xx/CVE-2023-26132.json) (`2023-06-16T03:48:26.687`) -* [CVE-2023-3192](CVE-2023/CVE-2023-31xx/CVE-2023-3192.json) (`2023-06-16T03:48:45.040`) -* [CVE-2023-22582](CVE-2023/CVE-2023-225xx/CVE-2023-22582.json) (`2023-06-16T03:48:59.780`) -* [CVE-2023-22583](CVE-2023/CVE-2023-225xx/CVE-2023-22583.json) (`2023-06-16T03:49:05.240`) -* [CVE-2023-22584](CVE-2023/CVE-2023-225xx/CVE-2023-22584.json) (`2023-06-16T03:49:12.840`) -* [CVE-2023-22585](CVE-2023/CVE-2023-225xx/CVE-2023-22585.json) (`2023-06-16T03:49:18.723`) -* [CVE-2023-22586](CVE-2023/CVE-2023-225xx/CVE-2023-22586.json) (`2023-06-16T03:50:40.117`) -* [CVE-2023-25911](CVE-2023/CVE-2023-259xx/CVE-2023-25911.json) (`2023-06-16T03:50:50.247`) -* [CVE-2023-25912](CVE-2023/CVE-2023-259xx/CVE-2023-25912.json) (`2023-06-16T03:50:57.457`) -* [CVE-2023-23818](CVE-2023/CVE-2023-238xx/CVE-2023-23818.json) (`2023-06-16T03:54:06.517`) -* [CVE-2023-33492](CVE-2023/CVE-2023-334xx/CVE-2023-33492.json) (`2023-06-16T03:54:22.820`) -* [CVE-2023-30753](CVE-2023/CVE-2023-307xx/CVE-2023-30753.json) (`2023-06-16T03:54:31.040`) -* [CVE-2023-34488](CVE-2023/CVE-2023-344xx/CVE-2023-34488.json) (`2023-06-16T03:56:04.100`) -* [CVE-2023-31236](CVE-2023/CVE-2023-312xx/CVE-2023-31236.json) (`2023-06-16T03:56:37.700`) -* [CVE-2023-32118](CVE-2023/CVE-2023-321xx/CVE-2023-32118.json) (`2023-06-16T03:56:42.987`) -* [CVE-2023-34581](CVE-2023/CVE-2023-345xx/CVE-2023-34581.json) (`2023-06-16T03:57:24.383`) -* [CVE-2023-28933](CVE-2023/CVE-2023-289xx/CVE-2023-28933.json) (`2023-06-16T03:57:30.010`) -* [CVE-2023-29385](CVE-2023/CVE-2023-293xx/CVE-2023-29385.json) (`2023-06-16T03:57:35.310`) -* [CVE-2023-34026](CVE-2023/CVE-2023-340xx/CVE-2023-34026.json) (`2023-06-16T03:57:42.393`) -* [CVE-2023-33957](CVE-2023/CVE-2023-339xx/CVE-2023-33957.json) (`2023-06-16T03:58:33.067`) -* [CVE-2023-33958](CVE-2023/CVE-2023-339xx/CVE-2023-33958.json) (`2023-06-16T03:58:38.280`) +* [CVE-2022-46165](CVE-2022/CVE-2022-461xx/CVE-2022-46165.json) (`2023-06-16T04:15:11.407`) +* [CVE-2022-47015](CVE-2022/CVE-2022-470xx/CVE-2022-47015.json) (`2023-06-16T04:15:11.550`) +* [CVE-2023-0666](CVE-2023/CVE-2023-06xx/CVE-2023-0666.json) (`2023-06-16T04:15:11.707`) +* [CVE-2023-0668](CVE-2023/CVE-2023-06xx/CVE-2023-0668.json) (`2023-06-16T04:15:11.830`) +* [CVE-2023-1161](CVE-2023/CVE-2023-11xx/CVE-2023-1161.json) (`2023-06-16T04:15:11.953`) +* [CVE-2023-1992](CVE-2023/CVE-2023-19xx/CVE-2023-1992.json) (`2023-06-16T04:15:12.127`) +* [CVE-2023-1993](CVE-2023/CVE-2023-19xx/CVE-2023-1993.json) (`2023-06-16T04:15:12.253`) +* [CVE-2023-1994](CVE-2023/CVE-2023-19xx/CVE-2023-1994.json) (`2023-06-16T04:15:12.347`) +* [CVE-2023-24038](CVE-2023/CVE-2023-240xx/CVE-2023-24038.json) (`2023-06-16T04:15:12.473`) +* [CVE-2023-24329](CVE-2023/CVE-2023-243xx/CVE-2023-24329.json) (`2023-06-16T04:15:12.660`) +* [CVE-2023-2854](CVE-2023/CVE-2023-28xx/CVE-2023-2854.json) (`2023-06-16T04:15:12.840`) +* [CVE-2023-2855](CVE-2023/CVE-2023-28xx/CVE-2023-2855.json) (`2023-06-16T04:15:12.943`) +* [CVE-2023-2856](CVE-2023/CVE-2023-28xx/CVE-2023-2856.json) (`2023-06-16T04:15:13.027`) +* [CVE-2023-2857](CVE-2023/CVE-2023-28xx/CVE-2023-2857.json) (`2023-06-16T04:15:13.147`) +* [CVE-2023-2858](CVE-2023/CVE-2023-28xx/CVE-2023-2858.json) (`2023-06-16T04:15:13.240`) +* [CVE-2023-2879](CVE-2023/CVE-2023-28xx/CVE-2023-2879.json) (`2023-06-16T04:15:13.340`) +* [CVE-2023-2952](CVE-2023/CVE-2023-29xx/CVE-2023-2952.json) (`2023-06-16T04:15:13.610`) +* [CVE-2023-33461](CVE-2023/CVE-2023-334xx/CVE-2023-33461.json) (`2023-06-16T04:15:14.040`) +* [CVE-2023-3214](CVE-2023/CVE-2023-32xx/CVE-2023-3214.json) (`2023-06-16T04:15:14.263`) +* [CVE-2023-3215](CVE-2023/CVE-2023-32xx/CVE-2023-3215.json) (`2023-06-16T04:15:14.337`) +* [CVE-2023-3216](CVE-2023/CVE-2023-32xx/CVE-2023-3216.json) (`2023-06-16T04:15:14.393`) +* [CVE-2023-3217](CVE-2023/CVE-2023-32xx/CVE-2023-3217.json) (`2023-06-16T04:15:14.453`) ## Download and Usage